
North Korea's cyber attack capabilities are expanding fast - and turning their fire on a wider range of targets

One of North Korea's most prominent hacking organisations is looking to launch attacks on targets beyond South Korea, researchers at security firm FireEye have warned.

Its latest report claims that the so-called APT37 hacking group, which has been strongly linked with North Korea's government, is working on attacks targeting government, media, entertainment, aerospace and defence, not just in South Korea, but against targets globally.

The group was behind malware that exploited a zero-day vulnerability in Adobe Flash Player, which Adobe was particularly slow to patch, used to target South Korean researchers. FireEye said this demonstrates that the organisation is now working with a "concerning level of technical sophistication".

The researchers added that they are highly confident that this "activity is carried out on behalf of the North Korean government".

Many of the organisation's attacks are aligned with North Korea's state interests. In particular, it is now targeting Japan, Vietnam and the Middle East, as well as South Korea, with which North Korea technically remains in a state of war.

In these countries, North Korean state hackers are looking to infiltrate industry verticals such as electronics, manufacturing, healthcare, automotive and aerospace.

The hackers are using a plethora of tactics to infect victims. FireEye said they are using "engineering tactics tailored specifically to desired targets and strategic web compromises typical of targeted cyber espionage operations".

Another focus of the organisation is exploiting vulnerabilities. In particular, it is capitalising on security flaws in the Hangul Word Processor, popular in South Korea, and Adobe Flash as part of its attack methodology.

FireEye added that the organisation is using compromised servers, messaging platforms and cloud service providers in a bid to stay under the radar. "The group has shown increasing sophistication by improving their operational security over time," the report warned.

In other words, they are learning from their mistakes, in a country with few computers and no internet access on which private individuals can teach themselves.

The group has also created "a diverse suite of malware for initial intrusion and exfiltration", according to FireEye. They added: "Along with custom malware used for espionage purposes, APT37 also has access to destructive malware."

"It would be foolish to think that North Korea is the only nation state engaged in such behaviour. Whether it's a sophisticated zero-day attack, or a more simplistic phishing attempt, this report shows that the threat from nation state attacks is very real," he said.

"We have already seen these attacks can have a huge impact on everyday life - just look at all the hospital appointments that had to be cancelled last year following WannaCry.

"Yet all this disruption and chaos can often be no more than a distraction designed to divert attention from the actor's real intention. This helps hackers to siphon sensitive data while SOC [security operations centre] teams are busy putting out fires."